- root@localhost
- @ionstorm
Repositories

- sysmon-config (Public, forked from SwiftOnSecurity/sysmon-config): Advanced Sysmon ATT&CK configuration focusing on detecting the most techniques per data source in MITRE ATT&CK, providing visibility into forensic artifact events for UEBA, detecting exploitation events…
- ace-proctree (Public, forked from ACE-Responder/ace-proctree): Create a cool process tree like https://twitter.com/ACEResponder. Python. Updated Mar 1, 2023.
- falcon-query-assets (Public, forked from CrowdStrike/falcon-query-assets): Welcome to the Falcon Query Assets GitHub page. Updated Sep 21, 2022.
- BlueHound (Public, forked from zeronetworks/BlueHound): TypeScript, Apache License 2.0. Updated Aug 8, 2022.
- k8s-go-sigma-streamer (Public): Repo for the project GoAhead talk at ShmooCon 2022. Go, Other license. Updated Mar 30, 2022.
- SysmonCommon (Public, forked from Sysinternals/SysmonCommon): The common parts of the Sysinternals Sysmon tool shared between the Windows and Linux versions.
- security_monitoring (Public, forked from humio/security_monitoring).
- ksql-extras (Public, forked from RADAR-base/ksql-extras): UDF/UDAFs for KSQL and example queries. Java, Apache License 2.0. Updated Feb 17, 2022.
- humio-fdr-utils (Public, forked from Trifork-Security/humio-fdr-utils): Package to help around crowdstrike/fdr data. Apache License 2.0. Updated Feb 2, 2022.
- cp-siem (Public, forked from berthayes/cp-siem): A dockerized demo illustrating how Confluent can be used in a SIEM modernization use case. Shell. Updated Dec 5, 2021.
- restore-archive-for-splunk (Public, forked from seynur/restore-archive-for-splunk): Python, MIT License. Updated Oct 30, 2021.
- sigma (Public, forked from SigmaHQ/sigma): Generic Signature Format for SIEM Systems. Python. Updated Aug 26, 2021.
- solutions-terraform-jenkins-gitops (Public, forked from GoogleCloudPlatform/solutions-terraform-jenkins-gitops): Demonstrates the use of Jenkins and Terraform to manage Infrastructure as Code using GitOps practices. HCL, Apache License 2.0. Updated Jul 24, 2021.
- (repository name not captured): Cyber Threat Intelligence Repository expressed in STIX 2.0.
- ConfluentCyberDemo (Public, forked from wlaforest/ConfluentCyberDemo): Analyze Zeek IDS data with ksqlDB running on Confluent Platform via Docker on your laptop. Or spin up an arbitrary number of AWS hosts, each running Confluent Platform and ksqlDB for use in an inst… Python. Updated Jun 4, 2021.
- sysmon-edr (Public): Sysmon EDR POC built within PowerShell to prove ability.
- grafana (Public, forked from grafana/grafana): The open and composable observability and data visualization platform. Visualize metrics, logs, and traces from multiple sources like Prometheus, Loki, Elasticsearch, InfluxDB, Postgres and many mo… TypeScript, Apache License 2.0. Updated Jan 4, 2021.
- sentinelone-queries (Public, forked from keyboardcrunch/sentinelone-queries): Repository of SentinelOne Deep Visibility queries. GNU Lesser General Public License v2.1. Updated Dec 18, 2020.
- PS-SentinelOne (Public, forked from davidhowell-tx/PS-SentinelOne): PowerShell module for the SentinelOne API. PowerShell, MIT License. Updated Nov 10, 2020.
- SentinelOne-ATTACK-Queries (Public, forked from keyboardcrunch/SentinelOne-ATTACK-Queries): MITRE ATT&CK mapped queries for SentinelOne Deep Visibility. MIT License. Updated Oct 23, 2020.
- o365beat (Public, forked from counteractive/o365beat): Elastic Beat for fetching and shipping Office 365 audit events. Go, Other license. Updated Sep 9, 2020.
- emotet-malware-killer (Public).
- ProcessBouncer (Public, forked from hjunker/ProcessBouncer): ProcessBouncer is a PoC for blocking malware with a process-based approach. With a little fine-tuning this allows you to effectively block most of the current ransomware that is out there. PowerShell, GNU General Public License v3.0. Updated Dec 29, 2019.
- Graylog-Okta (Public, forked from theabraxas/Graylog-Okta): An integration for Graylog and Okta. PowerShell, Apache License 2.0. Updated Dec 2, 2019.
- exploitguard (Public, forked from palantir/exploitguard): Documentation and supporting script sample for Windows Exploit Guard.
- DropNet (Public, forked from g3rzi/DropNet): A tool that can be used to close network connections automatically with given parameters. PowerShell, Apache License 2.0. Updated Oct 17, 2019.